Tag: spy
-
Spy vs. spy: How GenAI is powering defenders and attackers
Generative AI is rapidly transforming cybersecurity for both defenders and attackers. This blog highlights current uses, emerging threats, and the evolving landscape as capabilities advance. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/spy-vs-spy-how-genai-is-powering-defenders-and-attackers/
-
‘ShadyPanda’ Hackers Weaponize Millions of Browsers
The China-based cyber-threat group has been quietly using malicious extensions on the Google Chrome and Microsoft Edge marketplaces to spy on millions of users. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/shadypanda-hackers-weaponize-browsers
-
Russian spy ship theories sink after Orkney blackout traced to wind farm fault
Timing of Yantar’s visit sparked gossip, but engineers point to a misbehaving protection system First seen on theregister.com Jump to article: www.theregister.com/2025/11/25/russian_warship_fears_orkney/
-
UK drug funds flowed into bank tied to Russian spy services, military
The NCA on Friday confirmed that a money laundering network under investigation was used to purchase Keremet Bank in Kyrgyzstan, which was sanctioned earlier this year. First seen on therecord.media Jump to article: therecord.media/uk-drug-funds-flowed-into-bank-tied-to-russia
-
PlushDaemon Hackers Unleash New Malware in China-Aligned Spy Campaigns
The cyber espionage group uses a previously undocumented network implant to drop two downloaders, LittleDaemon and DaemonLogistics, which deliver a backdoor First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/plushdaemon-new-malware-china-spy/
-
âš¡ Weekly Recap: Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day, like AI, VPNs, or app stores, to cause damage without setting off alarms.It’s not just about hacking anymore. Criminals are building systems to make money, spy, or spread…
-
Iranian Hackers Launch ‘SpearSpecter’ Spy Operation on Defense & Government Targets
The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign.The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA).”The…
-
Anthropic Claude AI Used by Chinese-Back Hackers in Spy Campaign
AI vendor Anthropic says a China-backed threat group used the agentic capabilities in its Claude AI model to automate as much as 90% of the operations in a info-stealing campaign that presages how hackers will used increasingly sophisticated AI capabilities in future cyberattacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/anthropic-claude-ai-used-by-chinese-back-hackers-in-spy-campaign/
-
Anthropic Claude AI Used by Chinese-Back Hackers in Spy Campaign
AI vendor Anthropic says a China-backed threat group used the agentic capabilities in its Claude AI model to automate as much as 90% of the operations in a info-stealing campaign that presages how hackers will used increasingly sophisticated AI capabilities in future cyberattacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/anthropic-claude-ai-used-by-chinese-back-hackers-in-spy-campaign/
-
Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS
Researchers found Fantasy Hub, a Russian MaaS Android RAT that lets attackers spy, steal data, and control devices via Telegram. Zimperium researchers uncovered Fantasy Hub, a Russian-sold Android RAT offered as Malware-as-a-Service, enabling spying, device control, and data theft via Telegram. The malware allows operators to take over infected devices, gathering SMS messages, contacts, call…
-
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors
North Korea-linked APT Konni posed as counselors to steal data and wipe Android phones via Google Find Hub in Sept 2025. Genians Security Center researchers warn that the North Korea-linked Konni APT group (aka Kimsuky, Earth Imp, TA406, Thallium, Vedalia, and Velvet Chollima) posed as counselors to hack Android and Windows, stealing data and wiping phones…
-
LANDFALL Spyware Targeted Samsung Galaxy Phones via Malicious Images
Unit 42 discovered LANDFALL, commercial-grade Android spyware, which used a hidden image vulnerability (CVE-2025-21042) to remotely spy on Samsung Galaxy users via WhatsApp. Update your phone now. First seen on hackread.com Jump to article: hackread.com/landfall-spyware-samsung-galaxy-malicious-images/
-
Russia-linked ‘Curly COMrades’ turn to malicious virtual machines for digital spy campaigns
A cyber-espionage operation installed lightweight virtual machines to evade detection, researchers said, in the latest sign of Russia-linked hackers adapting their tactics. First seen on therecord.media Jump to article: therecord.media/virtual-machines-cyber-espionage-russia-linked-curly-comrades
-
Phone location data of top EU officials for sale, report finds
Journalists in Europe found it was “easy” to spy on top European Union officials using commercially obtained location data sold by data brokers, despite the continent having some of the strongest data protection laws in the world. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/04/phone-location-data-of-top-eu-officials-for-sale-report-finds/
-
Airstalk Malware Turns MDM Tools into Covert Spy Channels
Airstalk discovery reveals nation-state hackers exploiting trusted tools to infiltrate supply chains undetected. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/airstalk-malware-turns-mdm-tools-into-covert-spy-channels/
-
Airstalk Malware Turns MDM Tools into Covert Spy Channels
Airstalk discovery reveals nation-state hackers exploiting trusted tools to infiltrate supply chains undetected. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/airstalk-malware-turns-mdm-tools-into-covert-spy-channels/
-
China-linked UNC6384 exploits Windows zero-day to spy on European diplomats
A China-linked APT group UNC6384 exploits a Windows zero-day in an active cyber espionage targeting European diplomats. Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT UNC6384 targeting diplomatic entities in Hungary, Belgium, and other EU nations. UNC6384 is a China-nexus actor recently detailed by Google TAG, has expanded from targeting Southeast…
-
Beware of Fake ChatGPT Apps That Spy on Users and Steal Sensitive Data
The proliferation of artificial intelligence applications has created unprecedented opportunities for cybercriminals to exploit user trust through deceptive mobile apps. Mobile app stores today are flooded with hundreds of lookalike applications claiming to offer ChatGPT, DALL·E, and other AI services. Security researchers have discovered that beneath polished logos and promises of advanced functionality lies a…
-
Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats
A new UNC6384 campaign highlights the threat actor’s growing sophistication and geographic expansion First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-hackers-windows-flaw-spy/
-
Beware of Fake ChatGPT Apps That Spy on Users and Steal Sensitive Data
The proliferation of artificial intelligence applications has created unprecedented opportunities for cybercriminals to exploit user trust through deceptive mobile apps. Mobile app stores today are flooded with hundreds of lookalike applications claiming to offer ChatGPT, DALL·E, and other AI services. Security researchers have discovered that beneath polished logos and promises of advanced functionality lies a…
-
Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats
A new UNC6384 campaign highlights the threat actor’s growing sophistication and geographic expansion First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-hackers-windows-flaw-spy/
-
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-exploit-windows-zero-day-to-spy-on-european-diplomats/
-
Windows zero-day actively exploited to spy on European diplomats
A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-exploit-windows-zero-day-to-spy-on-european-diplomats/
-
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Expired security cert, real Brussels agenda, plus PlugX malware finish the job First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/suspected_chinese_snoops_abuse_unpatched/
-
Suspected Chinese snoops weaponize unpatched Windows flaw to spy on European diplomats
Expired security cert, real Brussels agenda, plus PlugX malware finish the job First seen on theregister.com Jump to article: www.theregister.com/2025/10/30/suspected_chinese_snoops_abuse_unpatched/
-
Diplomatic entities in Belgium and Hungary hacked in China-linked spy campaign
A cyber-espionage operation attributed to China used the PlugX malware against Belgian and Hungarian diplomatic entities over the last two months, according to a new report. First seen on therecord.media Jump to article: therecord.media/belgium-hungary-diplomatic-entities-hacked-unc6384
-
How neighbors could spy on smart homes
Even with strong wireless encryption, privacy in connected homes may be thinner than expected. A new study from Leipzig University shows that someone in an adjacent apartment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/30/spy-on-smart-homes-privacy-research/
-
New names surface for NSA director, other top jobs at spy agency
Officers from the Army and Air Force are under consideration to lead the NSA, and moves could be happening soon for other top jobs at the spy agency, sources tell Recorded Future News. First seen on therecord.media Jump to article: therecord.media/national-security-agency-vacancies-director-deputy-general-counsel
-
New names surface for NSA director, other top jobs at spy agency
Officers from the Army and Air Force are under consideration to lead the NSA, and moves could be happening soon for other top jobs at the spy agency, sources tell Recorded Future News. First seen on therecord.media Jump to article: therecord.media/national-security-agency-vacancies-director-deputy-general-counsel
-
New HyperRat Android Malware Sold as Ready-Made Spy Tool
Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features. First seen on hackread.com Jump to article: hackread.com/hyperrat-android-malware-sold-spy-tool/